aboutsummaryrefslogtreecommitdiff
path: root/tftf/tests/runtime_services/secure_service/ffa_helpers.c
blob: 78dfa422d10e658c90d1e14b4d57865471e928af (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
/*
 * Copyright (c) 2018-2020, Arm Limited. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */

#include <debug.h>
#include <smccc.h>
#include <ffa_helpers.h>
#include <ffa_svc.h>

#define OPTEE_FFA_GET_API_VERSION	(0)
#define OPTEE_FFA_GET_OS_VERSION	(1)
#define OPTEE_FFA_GET_OS_VERSION_MAJOR	(3)
#define OPTEE_FFA_GET_OS_VERSION_MINOR	(8)

/*-----------------------------------------------------------------------------
 * FFA_RUN
 *
 * Parameters
 *     uint32 Function ID (w0): 0x8400006D
 *     uint32 Target information (w1): Information to identify target SP/VM
 *         -Bits[31:16]: ID of SP/VM.
 *         -Bits[15:0]: ID of vCPU of SP/VM to run.
 *     Other Parameter registers w2-w7/x2-x7: Reserved (MBZ)
 *
 * On failure, returns FFA_ERROR in w0 and error code in w2:
 *     -INVALID_PARAMETERS: Unrecognized endpoint or vCPU ID
 *     -NOT_SUPPORTED: This function is not implemented at this FFA instance
 *     -DENIED: Callee is not in a state to handle this request
 *     -BUSY: vCPU is busy and caller must retry later
 *     -ABORTED: vCPU or VM ran into an unexpected error and has aborted
 */
smc_ret_values ffa_run(uint32_t dest_id, uint32_t vcpu_id)
{
	smc_args args = {
		FFA_MSG_RUN,
		(dest_id << 16) | vcpu_id,
		0, 0, 0, 0, 0, 0
	};

	return tftf_smc(&args);
}

/*-----------------------------------------------------------------------------
 * FFA_MSG_SEND_DIRECT_REQ
 *
 * Parameters
 *     uint32 Function ID (w0): 0x8400006F / 0xC400006F
 *     uint32 Source/Destination IDs (w1): Source and destination endpoint IDs
 *         -Bit[31:16]: Source endpoint ID
 *         -Bit[15:0]: Destination endpoint ID
 *     uint32/uint64 (w2/x2) - RFU MBZ
 *     w3-w7 - Implementation defined
 *
 * On failure, returns FFA_ERROR in w0 and error code in w2:
 *     -INVALID_PARAMETERS: Invalid endpoint ID or non-zero reserved register
 *     -DENIED: Callee is not in a state to handle this request
 *     -NOT_SUPPORTED: This function is not implemented at this FFA instance
 *     -BUSY: Message target is busy
 *     -ABORTED: Message target ran into an unexpected error and has aborted
 */
static smc_ret_values __ffa_msg_send_direct_req32_5(uint32_t source_id,
						     uint32_t dest_id,
						     uint32_t arg0,
						     uint32_t arg1,
						     uint32_t arg2,
						     uint32_t arg3,
						     uint32_t arg4)
{
	smc_args args = {
		FFA_MSG_SEND_DIRECT_REQ_SMC32,
		(source_id << 16) | dest_id,
		0,
		arg0, arg1, arg2, arg3, arg4
	};

	return tftf_smc(&args);
}

/* Direct message send helper accepting a single 32b message argument */
smc_ret_values ffa_msg_send_direct_req(uint32_t source_id, uint32_t dest_id,
					uint32_t message)
{
	return __ffa_msg_send_direct_req32_5(source_id, dest_id,
					      message, 0, 0, 0, 0);
}

smc_ret_values ffa_msg_send_direct_req64_5args(uint32_t source_id,
						     uint32_t dest_id,
						     uint64_t arg0,
						     uint64_t arg1,
						     uint64_t arg2,
						     uint64_t arg3,
						     uint64_t arg4)
{
	smc_args args = {
		FFA_MSG_SEND_DIRECT_REQ_SMC64,
		(source_id << 16) | dest_id,
		0,
		arg0, arg1, arg2, arg3, arg4
	};

	return tftf_smc(&args);
}

/* Direct message send helper accepting a single 64b message argument */
smc_ret_values ffa_msg_send_direct_req64(uint32_t source_id, uint32_t dest_id,
					uint64_t message)
{
	return ffa_msg_send_direct_req64_5args(source_id, dest_id,
					      message, 0, 0, 0, 0);
}

/*
 * check_spmc_execution_level
 *
 * Attempt sending impdef protocol messages to OP-TEE through direct messaging.
 * Criteria for detecting OP-TEE presence is that responses match defined
 * version values. In the case of SPMC running at S-EL2 (and Cactus instances
 * running at S-EL1) the response will not match the pre-defined version IDs.
 *
 * Returns true if SPMC is probed as being OP-TEE at S-EL1.
 *
 */
bool check_spmc_execution_level(void)
{
	unsigned int is_optee_spmc_criteria = 0U;
	smc_ret_values ret_values;

	/*
	 * Send a first OP-TEE-defined protocol message through
	 * FFA direct message.
	 *
	 */
	ret_values = ffa_msg_send_direct_req(HYP_ID, SP_ID(1),
						OPTEE_FFA_GET_API_VERSION);
	if ((ret_values.ret3 == FFA_VERSION_MAJOR) &&
	    (ret_values.ret4 == FFA_VERSION_MINOR)) {
		is_optee_spmc_criteria++;
	}

	/*
	 * Send a second OP-TEE-defined protocol message through
	 * FFA direct message.
	 *
	 */
	ret_values = ffa_msg_send_direct_req(HYP_ID, SP_ID(1),
						OPTEE_FFA_GET_OS_VERSION);
	if ((ret_values.ret3 == OPTEE_FFA_GET_OS_VERSION_MAJOR) &&
	    (ret_values.ret4 == OPTEE_FFA_GET_OS_VERSION_MINOR)) {
		is_optee_spmc_criteria++;
	}

	return (is_optee_spmc_criteria == 2U);
}

/**
 * Initialises the header of the given `ffa_memory_region`, not including the
 * composite memory region offset.
 */
static void ffa_memory_region_init_header(
	struct ffa_memory_region *memory_region, ffa_vm_id_t sender,
	ffa_memory_attributes_t attributes, ffa_memory_region_flags_t flags,
	ffa_memory_handle_t handle, uint32_t tag, ffa_vm_id_t receiver,
	ffa_memory_access_permissions_t permissions)
{
	memory_region->sender = sender;
	memory_region->attributes = attributes;
	memory_region->reserved_0 = 0;
	memory_region->flags = flags;
	memory_region->handle = handle;
	memory_region->tag = tag;
	memory_region->reserved_1 = 0;
	memory_region->receiver_count = 1;
	memory_region->receivers[0].receiver_permissions.receiver = receiver;
	memory_region->receivers[0].receiver_permissions.permissions =
		permissions;
	memory_region->receivers[0].receiver_permissions.flags = 0;
	memory_region->receivers[0].reserved_0 = 0;
}

/**
 * Initialises the given `ffa_memory_region` and copies as many as possible of
 * the given constituents to it.
 *
 * Returns the number of constituents remaining which wouldn't fit, and (via
 * return parameters) the size in bytes of the first fragment of data copied to
 * `memory_region` (attributes, constituents and memory region header size), and
 * the total size of the memory sharing message including all constituents.
 */
uint32_t ffa_memory_region_init(
	struct ffa_memory_region *memory_region, size_t memory_region_max_size,
	ffa_vm_id_t sender, ffa_vm_id_t receiver,
	const struct ffa_memory_region_constituent constituents[],
	uint32_t constituent_count, uint32_t tag,
	ffa_memory_region_flags_t flags, enum ffa_data_access data_access,
	enum ffa_instruction_access instruction_access,
	enum ffa_memory_type type, enum ffa_memory_cacheability cacheability,
	enum ffa_memory_shareability shareability, uint32_t *total_length,
	uint32_t *fragment_length)
{
	ffa_memory_access_permissions_t permissions = 0;
	ffa_memory_attributes_t attributes = 0;
	struct ffa_composite_memory_region *composite_memory_region;
	uint32_t fragment_max_constituents;
	uint32_t count_to_copy;
	uint32_t i;
	uint32_t constituents_offset;

	/* Set memory region's permissions. */
	ffa_set_data_access_attr(&permissions, data_access);
	ffa_set_instruction_access_attr(&permissions, instruction_access);

	/* Set memory region's page attributes. */
	ffa_set_memory_type_attr(&attributes, type);
	ffa_set_memory_cacheability_attr(&attributes, cacheability);
	ffa_set_memory_shareability_attr(&attributes, shareability);

	ffa_memory_region_init_header(memory_region, sender, attributes, flags,
				      0, tag, receiver, permissions);
	/*
	 * Note that `sizeof(struct_ffa_memory_region)` and `sizeof(struct
	 * ffa_memory_access)` must both be multiples of 16 (as verified by the
	 * asserts in `ffa_memory.c`, so it is guaranteed that the offset we
	 * calculate here is aligned to a 64-bit boundary and so 64-bit values
	 * can be copied without alignment faults.
	 */
	memory_region->receivers[0].composite_memory_region_offset =
		sizeof(struct ffa_memory_region) +
		memory_region->receiver_count *
			sizeof(struct ffa_memory_access);

	composite_memory_region =
		ffa_memory_region_get_composite(memory_region, 0);
	composite_memory_region->page_count = 0;
	composite_memory_region->constituent_count = constituent_count;
	composite_memory_region->reserved_0 = 0;

	constituents_offset =
		memory_region->receivers[0].composite_memory_region_offset +
		sizeof(struct ffa_composite_memory_region);
	fragment_max_constituents =
		(memory_region_max_size - constituents_offset) /
		sizeof(struct ffa_memory_region_constituent);

	count_to_copy = constituent_count;
	if (count_to_copy > fragment_max_constituents) {
		count_to_copy = fragment_max_constituents;
	}

	for (i = 0; i < constituent_count; ++i) {
		if (i < count_to_copy) {
			composite_memory_region->constituents[i] =
				constituents[i];
		}
		composite_memory_region->page_count +=
			constituents[i].page_count;
	}

	if (total_length != NULL) {
		*total_length =
			constituents_offset +
			composite_memory_region->constituent_count *
				sizeof(struct ffa_memory_region_constituent);
	}
	if (fragment_length != NULL) {
		*fragment_length =
			constituents_offset +
			count_to_copy *
				sizeof(struct ffa_memory_region_constituent);
	}

	return composite_memory_region->constituent_count - count_to_copy;
}

/**
 * Initialises the given `ffa_memory_region` to be used for an
 * `FFA_MEM_RETRIEVE_REQ` by the receiver of a memory transaction.
 *
 * Returns the size of the message written.
 */
uint32_t ffa_memory_retrieve_request_init(
	struct ffa_memory_region *memory_region, ffa_memory_handle_t handle,
	ffa_vm_id_t sender, ffa_vm_id_t receiver, uint32_t tag,
	ffa_memory_region_flags_t flags, enum ffa_data_access data_access,
	enum ffa_instruction_access instruction_access,
	enum ffa_memory_type type, enum ffa_memory_cacheability cacheability,
	enum ffa_memory_shareability shareability)
{
	ffa_memory_access_permissions_t permissions = 0;
	ffa_memory_attributes_t attributes = 0;

	/* Set memory region's permissions. */
	ffa_set_data_access_attr(&permissions, data_access);
	ffa_set_instruction_access_attr(&permissions, instruction_access);

	/* Set memory region's page attributes. */
	ffa_set_memory_type_attr(&attributes, type);
	ffa_set_memory_cacheability_attr(&attributes, cacheability);
	ffa_set_memory_shareability_attr(&attributes, shareability);

	ffa_memory_region_init_header(memory_region, sender, attributes, flags,
					handle, tag, receiver, permissions);
	/*
	 * Offset 0 in this case means that the hypervisor should allocate the
	 * address ranges. This is the only configuration supported by Hafnium,
	 * as it enforces 1:1 mappings in the stage 2 page tables.
	 */
	memory_region->receivers[0].composite_memory_region_offset = 0;
	memory_region->receivers[0].reserved_0 = 0;

	return sizeof(struct ffa_memory_region) +
	       memory_region->receiver_count * sizeof(struct ffa_memory_access);
}

/*
 * FFA Version ABI helper.
 * Version fields:
 *	-Bits[30:16]: Major version.
 *	-Bits[15:0]: Minor version.
 */
smc_ret_values ffa_version(uint32_t input_version)
{
	smc_args args = {
		.fid = FFA_VERSION,
		.arg1 = input_version
	};

	return tftf_smc(&args);
}

smc_ret_values ffa_id_get(void)
{
	smc_args args = {
		.fid = FFA_ID_GET
	};

	return tftf_smc(&args);
}

smc_ret_values ffa_msg_wait(void)
{
	smc_args args = {
		.fid = FFA_MSG_WAIT
	};

	return tftf_smc(&args);
}

smc_ret_values ffa_msg_send_direct_resp(ffa_vm_id_t source_id,
						ffa_vm_id_t dest_id,
						uint32_t message)
{
	smc_args args = {
		.fid = FFA_MSG_SEND_DIRECT_RESP_SMC32,
		.arg1 = ((uint32_t)source_id << 16) | dest_id,
		.arg3 = message
	};

	return tftf_smc(&args);
}

smc_ret_values ffa_error(int32_t error_code)
{
	smc_args args = {
		.fid = FFA_ERROR,
		.arg1 = 0,
		.arg2 = error_code
	};

	return tftf_smc(&args);
}

/* Query the higher EL if the requested FF-A feature is implemented. */
smc_ret_values ffa_features(uint32_t feature)
{
	smc_args args = {
		.fid = FFA_FEATURES,
		.arg1 = feature
	};

	return tftf_smc(&args);
}

/* Get information about VMs or SPs based on UUID */
smc_ret_values ffa_partition_info_get(const uint32_t uuid[4])
{
	smc_args args = {
		.fid = FFA_PARTITION_INFO_GET,
		.arg1 = uuid[0],
		.arg2 = uuid[1],
		.arg3 = uuid[2],
		.arg4 = uuid[3]
	};

	return tftf_smc(&args);
}

/* Query SPMD that the rx buffer of the partition can be released */
smc_ret_values ffa_rx_release(void)
{
	smc_args args = {
		.fid = FFA_RX_RELEASE
	};

	return tftf_smc(&args);
}

/* Map the RXTX buffer */
smc_ret_values ffa_rxtx_map(uintptr_t send, uintptr_t recv, uint32_t pages)
{
	smc_args args = {
		.fid = FFA_RXTX_MAP_SMC64,
		.arg1 = send,
		.arg2 = recv,
		.arg3 = pages
	};

	return tftf_smc(&args);
}

/* Donate memory to another partition */
smc_ret_values ffa_mem_donate(uint32_t descriptor_length,
				uint32_t fragment_length)
{
	smc_args args = {
		.fid = FFA_MEM_DONATE_SMC32,
		.arg1 = descriptor_length,
		.arg2 = fragment_length,
		.arg3 = FFA_PARAM_MBZ,
		.arg4 = FFA_PARAM_MBZ
	};

	return tftf_smc(&args);
}

/* Lend memory to another partition */
smc_ret_values ffa_mem_lend(uint32_t descriptor_length,
				uint32_t fragment_length)
{
	smc_args args = {
		.fid = FFA_MEM_LEND_SMC32,
		.arg1 = descriptor_length,
		.arg2 = fragment_length,
		.arg3 = FFA_PARAM_MBZ,
		.arg4 = FFA_PARAM_MBZ
	};

	return tftf_smc(&args);
}

/* Share memory with another partition */
smc_ret_values ffa_mem_share(uint32_t descriptor_length,
				uint32_t fragment_length)
{
	smc_args args = {
		.fid = FFA_MEM_SHARE_SMC32,
		.arg1 = descriptor_length,
		.arg2 = fragment_length,
		.arg3 = FFA_PARAM_MBZ,
		.arg4 = FFA_PARAM_MBZ
	};

	return tftf_smc(&args);
}

/* Retrieve memory shared by another partition */
smc_ret_values ffa_mem_retrieve_req(uint32_t descriptor_length,
					uint32_t fragment_length)
{
	smc_args args = {
		.fid = FFA_MEM_RETRIEVE_REQ_SMC32,
		.arg1 = descriptor_length,
		.arg2 = fragment_length,
		.arg3 = FFA_PARAM_MBZ,
		.arg4 = FFA_PARAM_MBZ,
		.arg5 = FFA_PARAM_MBZ,
		.arg6 = FFA_PARAM_MBZ,
		.arg7 = FFA_PARAM_MBZ
	};

	return tftf_smc(&args);
}

/* Relinquish access to memory region */
smc_ret_values ffa_mem_relinquish(void)
{
	smc_args args = {
		.fid = FFA_MEM_RELINQUISH,
	};

	return tftf_smc(&args);
}

/* Reclaim exclusive access to owned memory region */
smc_ret_values ffa_mem_reclaim(uint64_t handle, uint32_t flags)
{
	smc_args args = {
		.fid = FFA_MEM_RECLAIM,
		.arg1 = (uint32_t) handle,
		.arg2 = (uint32_t) (handle >> 32),
		.arg3 = flags
	};

	return tftf_smc(&args);
}